CVE-2026-29646

Name of the Vulnerable Software and Affected Versions OpenXiangShan NEMU versions prior to 55295c4

Description When running with the RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly. This can influence the machine-level interrupt enable state mie, breaking privilege and virtualization isolation. Such a flaw can lead to denial of service or privilege-boundary violation in environments relying on NEMU for correct interrupt virtualization.

Recommendations Update to version 55295c4 or later.